-001: RELIABILITY FIX: March 15, 2013
+001: RELIABILITY FIX: March 15, 2013All architectures
A rare condition during session startup may cause bgpd to replace
an active session leading to unknown consequences. Bug found by
@@ -99,7 +97,7 @@
-002: RELIABILITY FIX: May 5, 2013
+002: RELIABILITY FIX: May 5, 2013All architectures
A flaw exists in the vr(4) driver that may cause it to not recover from some error conditions.
@@ -110,7 +108,7 @@
-003: RELIABILITY FIX: May 17, 2013
+003: RELIABILITY FIX: May 17, 2013All architectures
A problem exists in
nginx(8)
@@ -125,7 +123,7 @@
-004: RELIABILITY FIX: May 17, 2013
+004: RELIABILITY FIX: May 17, 2013All architectures
As discovered by Peter Philipp, it is possible for an unprivileged user
process to trigger deleting the undeletable RNF_ROOT route, resulting in
@@ -137,7 +135,7 @@
-005: RELIABILITY FIX: May 31, 2013
+005: RELIABILITY FIX: May 31, 2013All architectures
A local denial of service is possible by an unprivileged user if the
SIOCSIFADDR ioctl is performed upon an AF_INET6 socket with a specially
@@ -148,7 +146,7 @@
-006: RELIABILITY FIX: June 12, 2013
+006: RELIABILITY FIX: June 12, 2013All architectures
A denial of services was discovered where certain combinations of
TFTP options could cause OACK generation to fail, which in turn
@@ -159,7 +157,7 @@
-007: RELIABILITY FIX: June 12, 2013
+007: RELIABILITY FIX: June 12, 2013All architectures
Two flaws in the vio(4)
driver may cause a kernel panic, and may cause IPv6 neighbour discovery to fail
@@ -169,7 +167,7 @@
-008: RELIABILITY FIX: Nov 7, 2013
+008: RELIABILITY FIX: Nov 7, 2013All architectures
A crash can happen on
pflow(4)
@@ -181,7 +179,7 @@
-009: SECURITY FIX: Nov 7, 2013
+009: SECURITY FIX: Nov 7, 2013All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
@@ -196,7 +194,7 @@
-010: RELIABILITY FIX: Nov 11, 2013
+010: RELIABILITY FIX: Nov 11, 2013All architectures
An unprivileged user may hang the system.
@@ -206,7 +204,7 @@
-011: SECURITY FIX: Nov 21, 2013
+011: SECURITY FIX: Nov 21, 2013All architectures
A problem exists in
nginx(8)
@@ -219,7 +217,7 @@
-012: RELIABILITY FIX: Dec 19, 2013
+012: RELIABILITY FIX: Dec 19, 2013Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
the application. The i386, amd64, vax and m68k platforms aren't
@@ -230,7 +228,7 @@
-013: SECURITY FIX: Jan 10, 2014
+013: SECURITY FIX: Jan 10, 2014All architectures
A BDF font file containing a longer than expected string could overflow
a buffer on the stack in the X server.
@@ -241,7 +239,7 @@
-014: SECURITY FIX: April 8, 2014
+014: SECURITY FIX: April 8, 2014All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
heartbeat extension (RFC6520) which can result in a leak of memory contents.
@@ -251,7 +249,7 @@
-015: SECURITY FIX: April 12, 2014
+015: SECURITY FIX: April 12, 2014All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
to inject data from one connection into another.
@@ -263,6 +261,3 @@